A problem federal agencies face in deploying effective continuous monitoring is that there's just too much guidance, former federal chief information security officer Patrick Howard says.
A retailer should help pay for card re-issuance and other expenses after a breach if the merchant is shown to have had inadequate security in place, says Viveca Ware of the Independent Community Bankers of America.
Congress heard testimony from cybersecurity experts this week about the steps that should be taken to minimize the risk of breaches of the payments system. Learn what Troy Leach of the PCI Council and others had to say.
Despite certain evidence that suggests a possible breach at Sally Beauty Supply, the retailer maintains that a recent cyber-attack against its point-of-sale network did not expose card data.
MasterCard and Visa have announced the formation of a cross-industry group that will work on improving U.S. payment security by advancing migration to chip cards as well as point-to-point encryption.
Advice on how to encourage information sharing while preserving control over access to data is provided in a new special publication from the National Institute of Standards and Technology.
Distributed-denial-of-service attacks are a concern for all organizations. But financial institutions face unique challenges, and so they require a unique level of protection, says Mark Byers of Fortinet.
If Congress fails to enact a national breach notification law, the Obama administration could develop a set of voluntary best practices along the lines of its new cybersecurity framework.
In the wake of its data breach last year, Target Corp. is overhauling its information security and compliance practices, launching a search for a new CIO and creating the position of chief information security officer.
Social networking site Meetup has been facing ongoing DDoS attacks. It received a notification the attacks would continue unless it paid a fee, which highlights the rising concern of extortion tied to DDoS.
Phyllis Schneck, the Department of Homeland Security's deputy undersecretary for cybersecurity, equates the department's continuous diagnostics and mitigation initiative with a medical probe detecting an infection in the human body.
Identity is the new perimeter, and that concept stretches organizations into lots of new directions when managing access and privileges - especially in the mobile age, says John Hawley of CA Technologies.
White House Cybersecurity Coordinator Michael Daniel assesses the cyberthreat environment facing the nation and explains what the federal government is doing about it.
In a keynote address at the RSA 2014 Conference, Kevin Mandia, founder of Mandiant, warns organizations to beware of "victim's fatigue," or letting your guard down after going six months without a breach.
Sears is denying claims that its network may have been compromised by a cyber-attack that exposed card data. Other sources say they are still unsure, and that Sears may be the next breached retailer.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.